This has been driving me up a wall.
I have a service in AngularJS that sends an Authorization header alongside any requests I make.
On the PHP end, I can successfully read that header, and test it. If the authentication token is not valid, I send out a 401 header.
$auth_header = $_SERVER['HTTP_AUTHORIZATION'];
$test = !valid($auth_header);
//var_dump($test);
if ($test) {
header("HTTP/1.1 401 Unauthorized");
exit;
}
The problem I run into is AngularJS keeps telling me that it is getting a 401, regardless of whether or not $test is true or false. I've tested by doing a vardump.
If I remove the header, it works just as I would expect: returning nothing if $test is false because of the exit, and returning the data I want if $test is true.
However, the moment I put in the header, the response ALWAYS comes back as 401.
It feels like the header is ignoring the if statement and I am completely baffled. I've searched and searched, and can't find any information on this problem, so I feel like it's something super simple that I am doing wrong. Help?
EDIT When I uncomment the var_dump($test), I get the following:
Bad Authorization Header:
bool(true)
Warning: Cannot modify header information - headers already sent by (output started at /home/test/public_html/test/api/sales.php:19) in /home/test/public_html/test/api/sales.php on line 23
Good Authorization Header:
bool(false) ["JSON Data"]
However, the moment I comment away the var_dump($test), I always get the following response from AngularJS.
XMLHttpRequest cannot load http://fakeurl.com/test/api/sales.php. Invalid HTTP status code 401
